Security News > 2024 > July > US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks
The U.S. State Department is offering a reward of up to $10 million for information that could lead to the identification or location of a North Korean military hacker identified as Rim Jong Hyok.
Part of the Andariel North Korean hacking group, Hyok and other Andariel operatives were linked to Maui ransomware attacks targeting critical infrastructure and healthcare organizations across the United States.
U.S. law enforcement investigating their attacks has linked the North Korean hackers to ransomware incidents that impacted two U.S. Air Force bases, five healthcare providers, four U.S.-based defense contractors, and the National Aeronautics and Space Administration's Office of Inspector General.
"The ransomware attacks encrypted victims' computers and servers used for medical testing or electronic medical records and disrupted healthcare services. These malicious cyber actors then used the ransom payments to fund malicious cyber operations targeting U.S. government entities and U.S. and foreign defense contractors, among others."
Japan warns of attacks linked to North Korean Kimsuky hackers.
U.S. indicts Russian GRU hacker, offers $10 million reward.
News URL
Related news
- Microsoft links Scattered Spider hackers to Qilin ransomware attacks (source)
- North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks (source)
- U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals (source)
- Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine (source)
- London hospitals left in critical condition after ransomware attack (source)
- Major London hospitals disrupted by Synnovis ransomware attack (source)
- Qilin ransomware gang linked to attack on London hospitals (source)
- New Fog ransomware targets US education sector via breached VPNs (source)
- London hospitals face blood shortage after Synnovis ransomware attack (source)
- Black Basta ransomware gang linked to Windows zero-day attacks (source)